(Haifa, Israel – May 1, 2018) Regulus Cybertoday announced its Pyramid™ Suite of products, the first end-to-end solutions that provide security and mission reliability to the communication and sensor suite of autonomous cars & trucks, robots and drones, ensuring safety and operational robustness, supported by $6.3 million in Seed and Series A funding from Sierra Ventures, Canaan Partners Israel, the Technion and F2 Capital.

The security of autonomous vehicles is a concern that all automakers and OEMs are faced with since the very sensors that are at the heart of the vehicles (e.g., GPS, LiDAR, radar and cameras) are vulnerable to attacks.

Regulus Pyramid GPS SP (GPS Spoofing Protection) for autonomous vehicles and drones is a standalone module that integrates seamlessly with any vehicle. It is designed to protect the GPS system from spoofing attacks by differentiating between reliable GPS signals coming from satellites versus attack signals coming from illegitimate sources. The Pyramid GPS SP is a very small module (under 50 grams, 2 ounces) and is the first commercial grade solution to detect spoofing attacks on a Global Navigation Satellite System (GNSS).

Regulus also developed the Pyramid CSM (Communication & Security Manager) to guard drones from hacking and mission interference. Regulus Pyramid CSM is an external plug-and-play solution that protects drones from hackers via encryption and authenticity, ensures the safety of the communication and data being transmitted, and provides a visual heat map of the drone’s quality of communication so that remote pilots can have a comprehensive view of each drone’s flight path to assist in planning of future missions.

Security solutions for drones are imperative since the risks of a drone being hacked and flying off-course can be dangerous and perhaps life threatening. In addition to protecting the physical drone, the data that the drone is transmitting is crucial to have protected since UAVs can collect sensitive private data and are used in highly confidential and mission critical operations.

"We are very excited to lead this round of financing. Sensors security for autonomous machines will become as important as processors security. Regulus identified the key vulnerabilities and developed the best-in-class solutions,” states Ben Yu, Managing Director of Sierra Ventures. “Having been working with the company since seed funding, Sierra invested with strong confidence in the team to build Regulus into the category leader."

Regulus is led by Yonatan Zur, CEO, and Yoav Zangvil, CTO, who are both recognized as entrepreneurs and experts in security solutions for the military/homeland security. “In both newly emerging industries – autonomous vehicles and unmanned aerial vehicles – ensuring the security and mission reliability of each vehicle will be crucial,” says Zur. “Our solutions were developed to provide peace of mind, lower insurance rates and liability, and minimize equipment risk in an ever-evolving threat and interference environment.”

"We are proud to join the Regulus Cyber team in their journey towards building a leading security company in the fast growing space of autonomous systems", said Izhar Shay, Managing General Partner at Canaan Partners Israel. "We seek long term partnerships with entrepreneurs who are passionate about their ideas and diligent on executing their plans, and this is exactly what we have found at Regulus."

“F2 is excited to invest in Regulus and be a part the company’s vision to lead the market for autonomous vehicles security and reliability,” says Jonathan Saaks, Managing Partner at F2 Capital. “The need for a system like Regulus' will continue to grow and the company is very well positioned to be the leader in this space.”

An exploitable command injection vulnerability exists in the measurementBitrateExec functionality of Sony IPELA E Series Network Camera G5 firmware 1.87.00. A specially crafted GET request can cause arbitrary commands to be executed. An attacker can send an HTTP request to trigger this vulnerability...

In Eclipse Vert.x version 3.0 to 3.5.1, the HttpServer response headers and HttpClient request headers do not filter carriage return and line feed characters from the header value. This allow unfiltered values to inject a new header in the client request or server response.

In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted native code. Attach API is enabled by default on Windows,...

Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.